If you're already using a service like Iron Mountain for offsite archiving (and even if you're not) it might make sense to consider outsourcing the archive. Organizations have many concerns from SOX to Bliley to Patriot Act, HIPPA and new Federal Rules of Civil Procedure. Keeping documents for a multi-year period --or emails forever in many cases for legal reasons-- is a big change that's occured over the past three to five years because emails are now considered legal documents.

Regulators often require companies to be able to bring up mission-critical applications and that often determines tiering requirements. For example, tier 1 mission-critical within six-to-twelve hours, tier 2 within twenty-four hours or tier 3 within seventy-two hours. Email often falls into tier 1 but after some number of days, they will often migrate to tier 2 or tier 3. This underscores the audit concerns organizations have and the need to make sure adequate processes are in place. Indeed, the lawyer community will often attack an organization's proceesses and procedures as a weak point in a case, sometimes flipping the burden of proof.

Outourcing the archive can, for somewhere between $3 - $7 per user per month get the SLA guarantees required to support these applications that internal IT may not be able to (or want to) worry about. Service level agreements here might include factors like the data hasn't been tampered with, all emails have been captured, procedures are in place and followed correctly, etc. The outsourcing vendor may not have all the bells and whistles functionality but process-wiese they're probably pretty up-to-date.

Action Item: Because risk reduction is the primary driver for email archiving, third party services should be considered as viable options to source the archive. This will allow organizations to more quickly deliver on the promises of the archiving initiative.